<?php
require 'login-libs.php';

//check that the email address is provided and valid
if( !isset($_REQUEST['email']) || $_REQUEST['email'] == '' || !filter_var( $_REQUEST['email'], FILTER_VALIDATE_EMAIL ) ){
	login_redirect( $url,'noemail');
}

//check that the email matches a row in the user tabel
$r = $database->dbRow('SELECT email FROM user_accounts
			WHERE email = "'.addslashes($_REQUEST['email']).'"
			AND active');
if($r == false){
	login_redirect($url, 'nosuchemail');
}

//succes! generatea validation email, then redirect
$validation_code = md5(time().'|'.$r['email']);
$email_domain = preg_replace('/^www\./', '', $_SERVER['HTTP_HOST']);
$database->dbQuery('UPDATE user_accounts
		SET activation_key = "'.$validation_code.'"
		WHERE email = "'.addslashes($r['email']).'" ' );
$validation_url = 'http://'.$_SERVER['HTTP_HOST'].'/inc/forgotten-password-validate.php?verification_code='.$validation_code.'&email='.$r['email'].'&redirect_url='.$url;
mail($r['email'],
		"[$email_domain] wachtwoord vergeten",
		"Hallo,\n\nEr is een formulier ingevuld voor een vergeten wachtwoord. Als je dit niet zelf gedaan hebt, kun je deze email verwijderen.\n\n
			Om opnieuw op je account in te loggen dien je op de onderstaande link te klikken om je wachtwoord te resetten.\n\n
			$validation_url",
		"From: no-reply@$email_domain\nReply-to: no-repley@$email_domain"
		);

login_redirect($url, 'validationsent');
